Don't miss the latest stories
WhatsApp Exposed Users’ Phone Numbers On Google Search, 300,000 Affected
By Thanussha Priyah, 11 Jun 2020
Subscribe to newsletter
Like us on Facebook
Image via BigTunaOnline / Shutterstock.com
WhatApp confirms that it has fixed an issue that previously leaked users’ phone numbers in Google search results.
The vulnerability was discovered by security researcher Athul Jayaram, who found that users who had used the Facebook-owned messaging app’s ‘Click to Chat’ feature had their phone numbers indexed in search.
The feature enables users to create links in order to start conversations with people who are not in their contacts by adding the recipients’ phone numbers at the back of URLs. Jayaram related that the links do not have a robot.txt file in the server root, which means they would not prevent Google Search or other search engines from indexing the links.
Jayaram also found that there were more than 300,000 phone numbers appearing in Google search results. The numbers were exposed when internet users search “site:wa.me.”
Though WhatsApp has promised that the issue has been fixed, the leak remains a security breach as the problem persisted for several months.
UPDATE: Whatsapp removes all leaked links from https://t.co/qm3PdMEv2B in the Google search engine
— Athul Jayaram (@athuljayaram) June 9, 2020
That is 400000 Whatsapp numbers removed in Google
Web is a safer place today.
For a finding rejected by FB, Do I deserve reward?#AthulVsWhatsapp @fbsecurity @WhatsApp pic.twitter.com/gPh5zzm6I8
[via Engadget, cover image via BigTunaOnline / Shutterstock.com]
Receive interesting stories like this one in your inbox
Also check out these recent news